WordPress Convoworks WP Plugin <= 0.22.14 is vulnerable to Cross Site Scripting (XSS)

Software Convoworks WP Type Plugin Vulnerable versions = 0.22.14 Fixed in 0.22.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID dc17aa921997 Credits Rafie Muhammad Patchstack Required...

WordPress Convoworks WP plugin <= 0.22.13 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Convoworks WP plugin versions = 0.22.13. Solution Update the WordPress Convoworks WP plugin to the latest available version at least 0.22.14...

WordPress Convoworks WP plugin <= 0.22.13 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Convoworks WP plugin versions = 0.22.13. Solution Update the WordPress Convoworks WP plugin to the latest available version at least 0.22.14...